heartcombo--devise/test/models/database_authenticatable_test.rb

require 'test_helper'
require 'digest/sha1'

class DatabaseAuthenticatableTest < ActiveSupport::TestCase
  test 'should downcase case insensitive keys when saving' do
    # case_insensitive_keys is set to :email by default.
    email = 'Foo@Bar.com'
    user = new_user(:email => email)

    assert_equal email, user.email
    user.save!
    assert_equal email.downcase, user.email
  end
  
  test 'should remove whitespace from strip whitespace keys when saving' do
    # strip_whitespace_keys is set to :email by default.
    email = ' foo@bar.com '
    user = new_user(:email => email)

    assert_equal email, user.email
    user.save!
    assert_equal email.strip, user.email
  end

  test 'find_for_authentication and filter_auth_params should not modify the conditions hash' do
    FilterAuthUser = Class.new(User) do
      def self.filter_auth_params(conditions)
        if conditions.is_a?(Hash) && login = conditions.delete('login')
          key = login.include?('@') ? :email : :username
          conditions[key] = login
        end
        super(conditions)
      end
    end

    conditions = { 'login' => 'foo@bar.com' }
    FilterAuthUser.find_for_authentication(conditions)

    assert_equal({ 'login' => 'foo@bar.com' }, conditions)
  end
  
  test "filter_auth_params should not convert booleans and integer to strings" do
    conditions = { 'login' => 'foo@bar.com', "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => (1..10) }
    conditions = User.__send__(:filter_auth_params, conditions)
    assert_equal( { 'login' => 'foo@bar.com', "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => "1..10" }, conditions)
  end

  test 'should respond to password and password confirmation' do
    user = new_user
    assert user.respond_to?(:password)
    assert user.respond_to?(:password_confirmation)
  end

  test 'should generate encrypted password while setting password' do
    user = new_user
    assert_present user.encrypted_password
  end

  test 'allow authenticatable_salt to work even with nil encrypted password' do
    user = User.new
    user.encrypted_password = nil
    assert_nil user.authenticatable_salt
  end

  test 'should not generate encrypted password if password is blank' do
    assert_blank new_user(:password => nil).encrypted_password
    assert_blank new_user(:password => '').encrypted_password
  end

  test 'should encrypt password again if password has changed' do
    user = create_user
    encrypted_password = user.encrypted_password
    user.password = user.password_confirmation = 'new_password'
    user.save!
    assert_not_equal encrypted_password, user.encrypted_password
  end

  test 'should test for a valid password' do
    user = create_user
    assert user.valid_password?('123456')
    assert_not user.valid_password?('654321')
  end

  test 'should not raise error with an empty password' do
    user = create_user
    user.encrypted_password = ''
    assert_nothing_raised { user.valid_password?('123456') }
  end

  test 'should be an invalid password if the user has an empty password' do
    user = create_user
    user.encrypted_password = ''
    assert_not user.valid_password?('654321')
  end

  test 'should respond to current password' do
    assert new_user.respond_to?(:current_password)
  end

  test 'should update password with valid current password' do
    user = create_user
    assert user.update_with_password(:current_password => '123456',
      :password => 'pass321', :password_confirmation => 'pass321')
    assert user.reload.valid_password?('pass321')
  end
  
  test 'should add an error to current password when it is invalid' do
    user = create_user
    assert_not user.update_with_password(:current_password => 'other',
      :password => 'pass321', :password_confirmation => 'pass321')
    assert user.reload.valid_password?('123456')
    assert_match "is invalid", user.errors[:current_password].join
  end

  test 'should add an error to current password when it is blank' do
    user = create_user
    assert_not user.update_with_password(:password => 'pass321',
      :password_confirmation => 'pass321')
    assert user.reload.valid_password?('123456')
    assert_match "can't be blank", user.errors[:current_password].join
  end

  test 'should run validations even when current password is invalid or blank' do
    user = UserWithValidation.create!(valid_attributes)
    user.save
    assert user.persisted?
    assert_not user.update_with_password(:username => "")
    assert_match "usertest", user.reload.username
    assert_match "can't be blank", user.errors[:username].join
  end

  test 'should ignore password and its confirmation if they are blank' do
    user = create_user
    assert user.update_with_password(:current_password => '123456', :email => "new@example.com")
    assert_equal "new@example.com", user.email
  end

  test 'should not update password with invalid confirmation' do
    user = create_user
    assert_not user.update_with_password(:current_password => '123456',
      :password => 'pass321', :password_confirmation => 'other')
    assert user.reload.valid_password?('123456')
  end

  test 'should clean up password fields on failure' do
    user = create_user
    assert_not user.update_with_password(:current_password => '123456',
      :password => 'pass321', :password_confirmation => 'other')
    assert user.password.blank?
    assert user.password_confirmation.blank?
  end

  test 'should update the user without password' do
    user = create_user
    user.update_without_password(:email => 'new@example.com')
    assert_equal 'new@example.com', user.email
  end

  test 'should not update password without password' do
    user = create_user
    user.update_without_password(:password => 'pass321', :password_confirmation => 'pass321')
    assert !user.reload.valid_password?('pass321')
    assert user.valid_password?('123456')
  end

  test 'downcase_keys with validation' do
    user = User.create(:email => "HEllO@example.com", :password => "123456")
    user = User.create(:email => "HEllO@example.com", :password => "123456")
    assert !user.valid?
  end
end
Compatibility with Ruby 1.9.1 and 1.9.2. 2010-03-26 06:27:19 -04:00			`require 'test_helper'`
Authenticable module: generating salt and encrypting password 2009-09-17 08:24:33 -04:00			`require 'digest/sha1'`

Initial work on making the authentication stack more flexible. 2010-03-29 10:13:19 -04:00			`class DatabaseAuthenticatableTest < ActiveSupport::TestCase`
add unit and integration tests for case insensitive keys 2010-11-20 09:54:01 -05:00			`test 'should downcase case insensitive keys when saving' do`
			`# case_insensitive_keys is set to :email by default.`
			`email = 'Foo@Bar.com'`
			`user = new_user(:email => email)`
Update DatabaseAuthenticatable#valid_password? to not raise error on empty password Signed-off-by: José Valim <jose.valim@gmail.com> 2011-04-16 02:13:17 -04:00
add unit and integration tests for case insensitive keys 2010-11-20 09:54:01 -05:00			`assert_equal email, user.email`
			`user.save!`
			`assert_equal email.downcase, user.email`
			`end`
Add strip_whitespace_keys which works like case_insensitive_keys but strips whitespace from emails 2011-06-10 04:37:43 -04:00
			`test 'should remove whitespace from strip whitespace keys when saving' do`
			`# strip_whitespace_keys is set to :email by default.`
			`email = ' foo@bar.com '`
			`user = new_user(:email => email)`

			`assert_equal email, user.email`
			`user.save!`
			`assert_equal email.strip, user.email`
			`end`
Update DatabaseAuthenticatable#valid_password? to not raise error on empty password Signed-off-by: José Valim <jose.valim@gmail.com> 2011-04-16 02:13:17 -04:00
dup the conditions hash before calling filter_auth_params, this fixes an issue with reseting your password when using a custom auth field like login 2011-05-16 14:08:22 -04:00			`test 'find_for_authentication and filter_auth_params should not modify the conditions hash' do`
			`FilterAuthUser = Class.new(User) do`
			`def self.filter_auth_params(conditions)`
			`if conditions.is_a?(Hash) && login = conditions.delete('login')`
			`key = login.include?('@') ? :email : :username`
			`conditions[key] = login`
			`end`
			`super(conditions)`
			`end`
			`end`

			`conditions = { 'login' => 'foo@bar.com' }`
			`FilterAuthUser.find_for_authentication(conditions)`

			`assert_equal({ 'login' => 'foo@bar.com' }, conditions)`
			`end`
Conditional string conversion of auth params (Closes #1079) 2011-05-26 09:45:03 -04:00
			`test "filter_auth_params should not convert booleans and integer to strings" do`
			`conditions = { 'login' => 'foo@bar.com', "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => (1..10) }`
			`conditions = User.__send__(:filter_auth_params, conditions)`
			`assert_equal( { 'login' => 'foo@bar.com', "bool1" => true, "bool2" => false, "fixnum" => 123, "will_be_converted" => "1..10" }, conditions)`
			`end`
dup the conditions hash before calling filter_auth_params, this fixes an issue with reseting your password when using a custom auth field like login 2011-05-16 14:08:22 -04:00
Authenticable module: generating salt and encrypting password 2009-09-17 08:24:33 -04:00			`test 'should respond to password and password confirmation' do`
			`user = new_user`
			`assert user.respond_to?(:password)`
			`assert user.respond_to?(:password_confirmation)`
			`end`

Extract encryptors into their own module for better bcrypt support. 2010-09-25 10:08:46 -04:00			`test 'should generate encrypted password while setting password' do`
Refactor tests a little bit and gain more speed (from 12s to 9s in my machine). 2009-11-24 20:19:12 -05:00			`user = new_user`
			`assert_present user.encrypted_password`
Refactoring generating salt and encrypting password only before saving the record. 2009-10-08 19:57:10 -04:00			`end`

Ensure authenticatable_salt can be nil. 2010-11-11 16:51:19 -05:00			`test 'allow authenticatable_salt to work even with nil encrypted password' do`
			`user = User.new`
			`user.encrypted_password = nil`
			`assert_nil user.authenticatable_salt`
			`end`

Refactor tests a little bit and gain more speed (from 12s to 9s in my machine). 2009-11-24 20:19:12 -05:00			`test 'should not generate encrypted password if password is blank' do`
			`assert_blank new_user(:password => nil).encrypted_password`
			`assert_blank new_user(:password => '').encrypted_password`
Authenticable module: generating salt and encrypting password 2009-09-17 08:24:33 -04:00			`end`

			`test 'should encrypt password again if password has changed' do`
			`user = create_user`
			`encrypted_password = user.encrypted_password`
Refactoring generating salt and encrypting password only before saving the record. 2009-10-08 19:57:10 -04:00			`user.password = user.password_confirmation = 'new_password'`
			`user.save!`
Authenticable module: generating salt and encrypting password 2009-09-17 08:24:33 -04:00			`assert_not_equal encrypted_password, user.encrypted_password`
			`end`

Adding confirmable module, generating confirmation code and confirming a user account. 2009-09-17 10:06:46 -04:00			`test 'should test for a valid password' do`
			`user = create_user`
Adding validatable module containing some default email and password validations. 2009-09-18 11:03:41 -04:00			`assert user.valid_password?('123456')`
			`assert_not user.valid_password?('654321')`
Adding confirmable module, generating confirmation code and confirming a user account. 2009-09-17 10:06:46 -04:00			`end`

Update DatabaseAuthenticatable#valid_password? to not raise error on empty password Signed-off-by: José Valim <jose.valim@gmail.com> 2011-04-16 02:13:17 -04:00			`test 'should not raise error with an empty password' do`
			`user = create_user`
			`user.encrypted_password = ''`
			`assert_nothing_raised { user.valid_password?('123456') }`
			`end`

			`test 'should be an invalid password if the user has an empty password' do`
			`user = create_user`
			`user.encrypted_password = ''`
			`assert_not user.valid_password?('654321')`
			`end`

More work on edit. 2010-02-08 14:38:47 -05:00			`test 'should respond to current password' do`
			`assert new_user.respond_to?(:current_password)`
Adding old_password reader method to authenticatable 2009-12-14 20:25:45 -05:00			`end`

More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`test 'should update password with valid current password' do`
Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`user = create_user`
More work on edit. 2010-02-08 14:38:47 -05:00			`assert user.update_with_password(:current_password => '123456',`
Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`:password => 'pass321', :password_confirmation => 'pass321')`
			`assert user.reload.valid_password?('pass321')`
			`end`
added update_without_password method 2011-05-05 03:24:21 -04:00
More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`test 'should add an error to current password when it is invalid' do`
Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`user = create_user`
More work on edit. 2010-02-08 14:38:47 -05:00			`assert_not user.update_with_password(:current_password => 'other',`
Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`:password => 'pass321', :password_confirmation => 'pass321')`
			`assert user.reload.valid_password?('123456')`
Got all tests in test/models and failure app ones passing. 369 tests, 805 assertions, 13 failures, 2 errors. 2010-02-16 11:00:36 -05:00			`assert_match "is invalid", user.errors[:current_password].join`
Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`end`

More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`test 'should add an error to current password when it is blank' do`
			`user = create_user`
			`assert_not user.update_with_password(:password => 'pass321',`
			`:password_confirmation => 'pass321')`
			`assert user.reload.valid_password?('123456')`
Got all tests in test/models and failure app ones passing. 369 tests, 805 assertions, 13 failures, 2 errors. 2010-02-16 11:00:36 -05:00			`assert_match "can't be blank", user.errors[:current_password].join`
More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`end`

Test for previous commit 2011-06-21 20:45:07 -04:00			`test 'should run validations even when current password is invalid or blank' do`
			`user = UserWithValidation.create!(valid_attributes)`
			`user.save`
			`assert user.persisted?`
			`assert_not user.update_with_password(:username => "")`
			`assert_match "usertest", user.reload.username`
			`assert_match "can't be blank", user.errors[:username].join`
			`end`

More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`test 'should ignore password and its confirmation if they are blank' do`
			`user = create_user`
Change test email addresses to ues RFC 2606 reserved domain example.com 2011-04-17 21:14:56 -04:00			`assert user.update_with_password(:current_password => '123456', :email => "new@example.com")`
			`assert_equal "new@example.com", user.email`
More changes in update_with_password. 2010-02-08 17:14:03 -05:00			`end`

Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`test 'should not update password with invalid confirmation' do`
			`user = create_user`
More work on edit. 2010-02-08 14:38:47 -05:00			`assert_not user.update_with_password(:current_password => '123456',`
Adding update_with_password to authenticable. Updates the record only when the :old_password is valid. 2009-12-14 19:55:55 -05:00			`:password => 'pass321', :password_confirmation => 'other')`
			`assert user.reload.valid_password?('123456')`
			`end`
More changes in update_with_password. 2010-02-08 17:14:03 -05:00
			`test 'should clean up password fields on failure' do`
			`user = create_user`
			`assert_not user.update_with_password(:current_password => '123456',`
			`:password => 'pass321', :password_confirmation => 'other')`
			`assert user.password.blank?`
			`assert user.password_confirmation.blank?`
			`end`
Downcase keys before validation. 2011-04-16 06:52:59 -04:00
added update_without_password method 2011-05-05 03:24:21 -04:00			`test 'should update the user without password' do`
			`user = create_user`
			`user.update_without_password(:email => 'new@example.com')`
			`assert_equal 'new@example.com', user.email`
			`end`

			`test 'should not update password without password' do`
			`user = create_user`
			`user.update_without_password(:password => 'pass321', :password_confirmation => 'pass321')`
			`assert !user.reload.valid_password?('pass321')`
			`assert user.valid_password?('123456')`
			`end`

Downcase keys before validation. 2011-04-16 06:52:59 -04:00			`test 'downcase_keys with validation' do`
			`user = User.create(:email => "HEllO@example.com", :password => "123456")`
			`user = User.create(:email => "HEllO@example.com", :password => "123456")`
			`assert !user.valid?`
			`end`
Authenticable module: generating salt and encrypting password 2009-09-17 08:24:33 -04:00			`end`